HTTP/2 302 server: nginx date: Wed, 16 Jul 2025 13:09:48 GMT content-type: text/plain; charset=utf-8 content-length: 0 x-archive-redirect-reason: found capture at 20081010154742 location: https://web.archive.org/web/20081010154742/https://www.javageeks.com/Papers/JavaPolicy server-timing: captures_list;dur=0.698598, exclusion.robots;dur=0.025645, exclusion.robots.policy;dur=0.011479, esindex;dur=0.012744, cdx.remote;dur=15.412685, LoadShardBlock;dur=251.015330, PetaboxLoader3.datanode;dur=67.086810, PetaboxLoader3.resolve;dur=132.368363 x-app-server: wwwb-app216 x-ts: 302 x-tr: 303 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 set-cookie: SERVER=wwwb-app216; path=/ x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() HTTP/2 200 server: nginx date: Wed, 16 Jul 2025 13:09:49 GMT content-type: text/html x-archive-orig-date: Fri, 10 Oct 2008 22:47:42 GMT x-archive-orig-server: Apache/1.3.33 (Unix) mod_jk/1.2.14 mod_ssl/2.8.23 OpenSSL/0.9.7a PHP/4.4.0 FrontPage/5.0.2.2635 x-archive-orig-content-length: 1355 x-archive-orig-etag: "1355-1040881437000" x-archive-orig-last-modified: Thu, 26 Dec 2002 05:43:57 GMT x-archive-orig-connection: close x-archive-orig-x_commoncrawl_parsesegmentid: 4361 x-archive-orig-x_commoncrawl_originalurl: https://www.javageeks.com/Papers/JavaPolicy x-archive-orig-x_commoncrawl_urlfp: -7410740242393232576 x-archive-orig-x_commoncrawl_hostfp: 4591602966715855650 x-archive-orig-x_commoncrawl_signature: f8921b371c6812b2ceeb619c2bd320cc x-archive-orig-x_commoncrawl_crawlno: 1 x-archive-orig-x_commoncrawl_fetchtimestamp: 1223678862288 x-archive-guessed-content-type: text/html x-archive-guessed-charset: utf-8 memento-datetime: Fri, 10 Oct 2008 15:47:42 GMT link: ; rel="original", ; rel="timemap"; type="application/link-format", ; rel="timegate", ; rel="first memento"; datetime="Sat, 18 Aug 2001 22:28:41 GMT", ; rel="prev memento"; datetime="Tue, 08 Mar 2005 01:26:16 GMT", ; rel="memento"; datetime="Fri, 10 Oct 2008 15:47:42 GMT", ; rel="next memento"; datetime="Tue, 22 Sep 2009 03:07:11 GMT", ; rel="last memento"; datetime="Tue, 22 Sep 2009 03:07:11 GMT" content-security-policy: default-src 'self' 'unsafe-eval' 'unsafe-inline' data: blob: archive.org web.archive.org web-static.archive.org wayback-api.archive.org athena.archive.org analytics.archive.org pragma.archivelab.org wwwb-events.archive.org x-archive-src: 1224042347617_53-c/1224042410115_32.arc.gz server-timing: captures_list;dur=0.607012, exclusion.robots;dur=0.023667, exclusion.robots.policy;dur=0.011798, esindex;dur=0.013566, cdx.remote;dur=59.415722, LoadShardBlock;dur=165.796680, PetaboxLoader3.datanode;dur=181.557195, PetaboxLoader3.resolve;dur=163.908875, load_resource;dur=196.532672 x-app-server: wwwb-app216 x-ts: 200 x-tr: 464 server-timing: TR;dur=0,Tw;dur=0,Tc;dur=0 x-location: All x-rl: 0 x-na: 0 x-page-cache: MISS server-timing: MISS x-nid: DigitalOcean referrer-policy: no-referrer-when-downgrade permissions-policy: interest-cohort=() content-encoding: gzip

java.security.Policy

When "java.policy" Just Isn't Good Enough

Abstract:

Java 2's security system is a complex, pluggable architecture that allows for Java programmers to participate in the default process, or to replace the java.policy-based implementation altogether in favor of something else. In fact, Sun favors this latter approach, urging developers to implement a customized Policy implementation more suitable to their business' needs. In this paper, we will examine the details of how a new Policy implementation is built, and provide readers with the knowledge necessary to "roll your own" Java Security Policy implementations. This paper assumes you are familiar, at least in concept, with some of the Java2 Security architecture.

Keywords:Java2 Security JVM

Download the Paper
Download the Code (Note that the code makes heavy use of the Ant build tool for building and running the examples within the paper.)